% CST8207 Week 02 Notes - command line and the Course Linux Server [CLS]
% Ian! D. Allen - - [www.idallen.com]
% Fall 2013 - September to December 2013 - Updated Mon Oct 7 00:38:34 EDT 2013

Readings, Assignments, Labs, and ToDo
=====================================

- Read (at least) these things (All The Words):
    - [Week 02 Notes HTML] - this file - **Read All The Words**
    - [Guidelines for strong passwords]
    - [Finding Help in Manual Pages - RTFM]
    - [Command Arguments and Options]
    - [Unix/Linux File System and Pathnames (ROOT, absolute, relative, dot, dot dot]
    - [List of Commands You Should Know]
- Using your [lynda.com] account, watch [Unix for Mac OS X Users]
    - **1. Intro to Unix**
        - Command structure 5m 22s
            - command names, options, and arguments
        - Kernels and shells 5m 25s
            - the O/S core vs. the shell programs that read your command line
        - Unix manual pages 4m 6s
            - `man` - how to get help on every Unix/Linux command name
            - “the most valuable movie”, “your best friend”
    - **2. Filesystem Basics**
        - The working directory 2m 49s
            - `pwd`
        - Listing files and directories 3m 59s
            - `pwd`, `ls`, hidden files
        - Moving around the filesystem 4m 58s
            - `cd`, TAB filename completion, absolute/relative paths
        - Filesystem organization 4m 12s
            - ROOT, standard Unix folders
    - **3. Working with Files and Directories**
        - Naming files 5m 41s
            - Unix is case-sensitive, OSX is case-insensitive!
            - avoid special characters or blanks in Unix pathnames

Assignments this week
---------------------

Check the due date for each assignment and put a reminder in your agenda,
calendar, and digital assistant.

- Read (All The Words), Do, and then Submit via Blackboard:
    - [Assignment #01 HTML] – Multi-tasking and Homework
    - [Assignment #02 HTML] – simple file system commands on the CLS

Lab work this week
------------------

- Your instructor will walk you through [File Transfer].
- [Worksheet #02 HTML] – Using standard Linux commands
- [Worksheet #03 HTML] – Using standard Linux commands

Errors in submitted assignment01.txt
------------------------------------

As of noon today (Sunday September 15), 11 students have not **Read All The
Words** in Assignment 1 and will not be getting marks tomorrow:

    Bad file name: part 2.txt
    Bad file name: assignment 01.txt
    Bad file name: CST8207 Assignment 01 Xxxxxxx.txt
    Bad file name: Assignment01.txt
    Bad file name: assignment01XxxxxXxxxxxxx.txt
    Assignment uploaded without file attachment
    Bad file name: assignment01.txt.txt
    Text found in Blackboard comments box (ignored)
    Bad file name: assignment 01.txt
    Bad file name: assignment01.txt.txt
    Bad file name: Assignment01.txt

**Go to your assignment upload area and check your file name!**

From the Class Notes link on the Course Home Page
=================================================

- Review last week. Did you do everything assigned last week?

From the Classroom Whiteboard/Chalkboard
========================================

- Your in-class notes go here.
- Using pathnames, especially relative pathnames.

Midterm Test Date Survey (not binding)
--------------------------------------

- First Midterm test date survey (not binding!):
    - See the results:
    - 45 minutes; 15%
- Second Midterm test date survey (not binding!):
    - See the results:
    - 60 minutes; 25%

Getting locked out of the server
--------------------------------

- The [Course Linux Server] runs the `denyhosts` intrusion protection package.
    If your login attempt fails too many times, your IP address will be locked out:

        Sep 8 17:28:33 Failed password for XXXXXXXX from 173.33.93.53 port 59990 ssh2
        Sep 8 17:29:07 Failed password for XXXXXXXX from 173.33.93.53 port 59990 ssh2
        Sep 8 17:34:17 Failed password for XXXXXXXX from 173.33.93.53 port 60044 ssh2
        Sep 8 17:34:57 Failed password for XXXXXXXX from 173.33.93.53 port 60044 ssh2
        Sep 8 21:20:55 Failed password for XXXXXXXX from 173.33.93.53 port 61939 ssh2
        Sep 8 21:21:06 Failed password for XXXXXXXX from 173.33.93.53 port 61939 ssh2
        Sep 8 21:21:28 Failed password for XXXXXXXX from 173.33.93.53 port 61939 ssh2
        Sep 8 21:21:55 Failed password for XXXXXXXX from 173.33.93.53 port 61939 ssh2
        Sep 8 21:22:05 Failed password for XXXXXXXX from 173.33.93.53 port 61939 ssh2
        Sep 8 21:22:11 Failed password for XXXXXXXX from 173.33.93.53 port 61939 ssh2
        Sep 8 21:22:46 Failed password for XXXXXXXX from 173.33.93.53 port 61948 ssh2
        Sep 8 21:23:04 Failed password for XXXXXXXX from 173.33.93.53 port 61948 ssh2
        Sep 8 21:23:09 Failed password for XXXXXXXX from 173.33.93.53 port 61948 ssh2
        Sep 8 21:23:12 Connection closed by 173.33.93.53 [preauth]
        Sep 8 21:25:26 refused connect from cpe185933464b36-cm185933464b33.cpe.net.cable.rogers.com (173.33.93.53)
        Sep 8 21:25:52 refused connect from cpe185933464b36-cm185933464b33.cpe.net.cable.rogers.com (173.33.93.53)
        Sep 8 21:26:19 refused connect from cpe185933464b36-cm185933464b33.cpe.net.cable.rogers.com (173.33.93.53)
        Sep 8 21:32:46 refused connect from cpe185933464b36-cm185933464b33.cpe.net.cable.rogers.com (173.33.93.53)

Real Sysadmin Work
==================

People in China and California try to log in as `root` on the CLS:

    Sep 9 22:58:31 Failed password for root from 117.79.148.54 port 43791 ssh2
    Sep 10 13:30:16 refused connect from 117.79.148.54 117.79.148.54)
    $ whois 117.79.148.54
    descr: Beijing Sanxin Shidai Co.Ltd
    descr: 1513 Xinjishu building Beijing link west road
    descr: Haidian District, Beijing, PRC
    country: CN

    Sep 10 01:37:34 Failed password for root from 198.13.117.194 port 46897 ssh2
    Sep 10 01:37:35 refused connect from 198.13.117.194 (198.13.117.194)
    $ whois 198.13.117.194
    OrgName: Psychz Networks
    OrgId: PS-184
    Address: 20687-2 Amar Road #312
    City: Walnut
    StateProv: CA

    Sep 11 04:56:15 Failed password for root from 59.55.141.104 port 2396 ssh2
    Sep 11 04:56:26 Failed password for root from 59.55.141.104 port 2766 ssh2
    Sep 11 04:56:33 refused connect from 59.55.141.104 (59.55.141.104)
    $ whois 59.55.141.104
    descr: CHINANET Jiangxi province network
    descr: China Telecom
    descr: No.31,jingrong street
    descr: Beijing 100032
    country: CN

Someone in Ohio tries probing account names:

    Sep 10 10:05:17 Invalid user aditza from 66.84.25.6
    Sep 10 10:05:18 Failed password for invalid user aditza from 66.84.25.66 port 55317 ssh2
    Sep 10 10:05:19 Invalid user admin1 from 66.84.25.6
    Sep 10 10:05:21 Failed password for invalid user admin1 from 66.84.25.66 port 56315 ssh2
    Sep 10 10:05:22 Invalid user admin from 66.84.25.66
    Sep 10 10:05:24 Failed password for invalid user admin from 66.84.25.66 port 57605 ssh2
    Sep 10 10:05:25 Invalid user admin from 66.84.25.66
    Sep 10 10:05:27 Failed password for invalid user admin from 66.84.25.66 port 58969 ssh2
    Sep 10 10:05:27 Invalid user ale from 66.84.25.66
    Sep 10 10:05:30 Failed password for invalid user ale from 66.84.25.66 port 59986 ssh2
    Sep 10 10:05:30 Invalid user alex from 66.84.25.66
    Sep 10 10:05:33 Failed password for invalid user alex from 66.84.25.66 port 33066 ssh2
    Sep 10 10:05:33 Invalid user alex from 66.84.25.66
    Sep 10 10:05:35 Failed password for invalid user alex from 66.84.25.66 port 34321 ssh2
    Sep 10 10:05:36 Invalid user Alin from 66.84.25.66
    Sep 10 10:05:37 Failed password for invalid user Alin from 66.84.25.66 port 35553 ssh2
    Sep 10 10:05:38 refused connect from s66.n25.n84.n66.static.myhostcenter.com (66.84.25.66)
    $ whois 66.84.25.6
    OrgName: Jumpline Inc
    Address: 5000 ARLINGTON CENTRE BLVD
    City: Upper Arlington
    StateProv: OH

Attackers in China probe account names:

    Sep 10 15:57:21 Failed password for root from 221.6.96.177 port 56455 ssh2
    Sep 10 15:57:26 Failed password for root from 221.6.96.177 port 57756 ssh2
    Sep 10 15:57:31 Failed password for root from 221.6.96.177 port 59015 ssh2
    Sep 10 15:57:35 Failed password for invalid user db2inst1 from 221.6.96.177 port 60362 ssh2
    Sep 10 15:57:39 Failed password for root from 221.6.96.177 port 33334 ssh2
    Sep 10 15:57:44 Failed password for invalid user prueba from 221.6.96.177 port 34543 ssh2
    Sep 10 15:57:48 Failed password for bin from 221.6.96.177 port 35865 ssh2
    Sep 10 15:57:49 refused connect from ns3.itgle.com (221.6.96.177)
    $ whois 221.6.96.177
    address: No. 65 Beijing West Road,Nanjing,China

    Sep 11 02:26:39 Failed password for root from 202.104.147.26 port 28629 ssh2
    Sep 11 02:27:02 Failed password for root from 202.104.147.26 port 21095 ssh2
    Sep 11 02:27:05 Failed password for root from 202.104.147.26 port 21095 ssh2
    Sep 11 02:27:07 Failed password for root from 202.104.147.26 port 21095 ssh2
    Sep 11 02:27:24 Failed password for root from 202.104.147.26 port 22920 ssh2
    Sep 11 02:27:36 refused connect from 202.104.147.26 (202.104.147.26)
    Sep 11 02:27:47 refused connect from 202.104.147.26 (202.104.147.26)
    Sep 11 02:27:59 refused connect from 202.104.147.26 (202.104.147.26)
    $ whois 202.104.147.26
    person: LI XINKAIG
    address: F9,HONGBO MANSION,HONGHUYI STREET,SHENZHEN
    country: CN

Someone in California probes account names:

    Sep 10 23:57:41 Failed password for root from 216.99.159.114 port 53777 ssh2
    Sep 10 23:57:44 Failed password for invalid user app from 216.99.159.114 port 54881 ssh2
    Sep 10 23:57:46 Failed password for invalid user avouni from 216.99.159.114 port 55935 ssh2
    Sep 10 23:57:49 Failed password for invalid user berila from 216.99.159.114 port 56930 ssh2
    Sep 10 23:57:52 Failed password for bin from 216.99.159.114 port 58210 ssh2
    Sep 10 23:57:55 Failed password for bin from 216.99.159.114 port 59461 ssh2
    Sep 10 23:57:58 Failed password for bin from 216.99.159.114 port 60597 ssh2
    Sep 10 23:58:02 Failed password for bin from 216.99.159.114 port 61815 ssh2
    Sep 10 23:58:05 Failed password for bin from 216.99.159.114 port 63057 ssh2
    Sep 10 23:58:07 Failed password for bin from 216.99.159.114 port 64347 ssh2
    Sep 10 23:58:11 Failed password for bin from 216.99.159.114 port 40226 ssh2
    Sep 10 23:58:11 refused connect from 216.99.159.114 (216.99.159.114)
    $ whois 216.99.159.114
    OrgName: Psychz Networks
    Address: 20687-2 Amar Road #312
    City: Walnut
    StateProv: CA

Some crackers in Colombia and Hong Kong try to fetch account files from my
machine using long strings of parent directories (`..`) in Web URLs:

    2013-04-28_03:08:36 190.90.185.241 "GET /help/index.php?screen=../../../../../../../../etc/voipnow/voipnow.conf HTTP/1.1" 404 243 "-" "HTTP_Request2/2.1.1 (http://pear.php.net/package/http_request2) PHP/5.1.6" 332 451 "/var/www/html/help"
    2013-02-18_20:46:30 223.255.179.115 "GET /?-d%20allow_url_include%3DOn+-d%20auto_prepend_file%3D../../../../../../../../../../../../etc/passwd%00%20-n/?-d%20allow_url_include%3DOn+-d%20auto_prepend_file%3D../../../../../../../../../../../../etc/passwd%00%20-n HTTP/1.1" 200 541 "-" "curl/7.19.4 (i386-redhat-linux-gnu) libcurl/7.19.4 NSS/3.12.2.0 zlib/1.2.3 libidn/0.6.14 libssh2/0.18" 385 826 "/var/www/html/index.html"
    $ whois 192.168.9.250
    owner: Flywan S.A.
    address: 000 - Medellin - CO
    country: CO
    $ whois 223.255.179.115
    descr: Wharf T&T Limited
    descr: Kwun Tong, Kowloon
    country: HK

![Take Notes in Class]

    --
    | Ian! D. Allen - idallen@idallen.ca - Ottawa, Ontario, Canada
    | Home Page: http://idallen.com/ Contact Improv: http://contactimprov.ca/
    | College professor (Free/Libre GNU+Linux) at: http://teaching.idallen.com/
    | Defend digital freedom: http://eff.org/ and have fun: http://fools.ca/

[Plain Text] - plain text version of this page in [Pandoc Markdown] format

  [www.idallen.com]: http://www.idallen.com/
  [Guidelines for strong passwords]: http://en.wikipedia.org/wiki/Password_strength#Guidelines_for_strong_passwords
  [Finding Help in Manual Pages - RTFM]: 140_man_page_RTFM.html
  [Command Arguments and Options]: 150_arguments_and_options.html
  [Unix/Linux File System and Pathnames (ROOT, absolute, relative, dot, dot dot]: 160_pathnames.html
  [List of Commands You Should Know]: 900_unix_command_list.html
  [lynda.com]: https://lyceum.algonquincollege.com/Lynda
  [Unix for Mac OS X Users]: http://wwwlyndacom.rap.ocls.ca/Mac-OS-X-10-6-tutorials/Unix-for-Mac-OS-X-Users/78546-2.html
  [File Transfer]: 015_file_transfer.html
  [Worksheet #02 HTML]: worksheet02.html
  [Worksheet #03 HTML]: worksheet03.html
  [Course Linux Server]: 070_course_linux_server.html
  [Take Notes in Class]: data/remember.jpg "Take Notes in Class"
  [Plain Text]: week02notes.txt
  [Pandoc Markdown]: http://johnmacfarlane.net/pandoc/
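
Added example (not part of the original notes): the lockout described under "Getting locked out of the server" comes down to counting failed logins per source address. The script below tallies `Failed password` lines by address and by account class (root, invalid user, valid user) and lists the addresses that reach a limit. The function names, the limits and the sample lines are assumptions made for this example, not the CLS's `denyhosts` configuration.

```shell
#!/bin/sh
# Added example, not from the course notes. Sample lines are constructed:
# documentation-range addresses, made-up user names, the notes' trimmed format.
sample_log() {
    cat <<'EOF'
Sep  8 17:28:33 Failed password for student1 from 192.0.2.44 port 59990 ssh2
Sep  8 17:29:07 Failed password for student1 from 192.0.2.44 port 59990 ssh2
Sep  8 21:25:26 refused connect from host.example (192.0.2.44)
Sep 10 10:05:18 Failed password for invalid user aditza from 203.0.113.7 port 55317 ssh2
Sep 10 10:05:21 Failed password for invalid user admin1 from 203.0.113.7 port 56315 ssh2
Sep 10 10:05:24 Failed password for invalid user admin from 203.0.113.7 port 57605 ssh2
Sep 10 15:57:21 Failed password for root from 198.51.100.9 port 56455 ssh2
Sep 10 15:57:48 Failed password for bin from 198.51.100.9 port 35865 ssh2
Sep 10 16:00:02 Failed password for invalid user from from 203.0.113.99 port 40000 ssh2
EOF
}

# flag_sources ROOT_MAX INVALID_MAX VALID_MAX   (log lines on stdin)
# Prints "IP root=N invalid=N valid=N" for each source address whose count
# reaches the limit for at least one account class, sorted by address text.
flag_sources() {
    awk -v rmax="$1" -v imax="$2" -v vmax="$3" '
    {
        # Find "Failed password for"; every other kind of line is skipped.
        k = 0
        for (i = 1; i + 2 <= NF; i++)
            if ($i == "Failed" && $(i+1) == "password" && $(i+2) == "for") {
                k = i + 3; break
            }
        if (k == 0 || NF < k + 5) next
        # The user name is text supplied by the remote client, so read the
        # address from the fixed tail "from IP port N ssh2", not the first "from".
        if ($(NF-4) != "from" || $(NF-2) != "port") next
        ip = $(NF-3)
        seen[ip] = 1
        if ($k == "invalid" && $(k+1) == "user") inv[ip]++
        else if ($k == "root") root[ip]++
        else val[ip]++
    }
    END {
        for (ip in seen)
            if (root[ip]+0 >= rmax+0 || inv[ip]+0 >= imax+0 || val[ip]+0 >= vmax+0)
                printf "%s root=%d invalid=%d valid=%d\n", ip, root[ip], inv[ip], val[ip]
    }' | sort
}

# Illustrative limits only; they are not the CLS denyhosts settings.
sample_log | flag_sources 1 3 5
```

To run it against a real log, feed the file on standard input, for example `flag_sources 1 3 5 < auth.log` (the file name is a placeholder).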